<?php
/*
	My College Link - Database Functions related to login system
	Dan Newman
	8/24/2011
	
	uses DBFunctions.php
*/


include("../DBFunctions.php");


//logs in the user and returns true if the username and password combination are valid
//if not sets userID to null and returns false
function logInUser($user, $pass){
	$_SESSION['userID'] = null;
	$success = verifyUserPass($user,$pass);
	if($success){
		$_SESSION['userID'] = $success;
		return true;
	}
	return false;
}

//Verifies the username and password combination. If the
//combination is valid, then returns the userID, otherrwise returns null
function verifyUserPass($user, $pass){
	
	$query = <<<STR
		Select UserID, Password
		From users
		Where UserName = '$user'
STR;
  
  $res = executeQuery($query);
	
  if(isset($res)){
	  extract($res[0]);
	  if(strcmp($pass,$Password) == 0){
	  	return $UserID;
	  }
  }
  return null;
}

function sanitize($str){
	return $str;
}